Apertis Rollback Daemon
With the 14.12 release of Apertis, a new daemon is included that watches the systemd journal for important events and triggers a system rollback if necessary.
Currently only events that have field "CHAIWALA_ROLLBACK" trigger the rollback, but extending the daemon to rollback based on known error messages from specific daemons or error messages above a certain priority would be trivial.
Causing a Rollback
To force a rollback, an application just has to call:
#include <systemd/sd-journal.h> ... sd_journal_send("MESSAGE=FORCED ROLLBACK", "PRIORITY=0", "CHAIWALA_ROLLBACK=1", NULL);
And to force a rollback with blacklisting of the update:
#include <systemd/sd-journal.h> ... sd_journal_send("MESSAGE=FORCED ROLLBACK WITH BLACKLIST", "PRIORITY=0", "CHAIWALA_ROLLBACK=2", NULL);
Note that message text and priority can be anything, only the CHAIWALA_ROLLBACK field is required by the daemon. The daemon will set the boot flags correctly for the operation (blacklist or rollback), sync the filesystem, and cause an immediate reboot without cleanly shutting down via systemd. The rationale for this is that the system is expected to be in a badly broken state and a regular shutdown procedure is likely not possible.
Forcing a Rollback from the Command Line
A command line application – chaiwala_rollback – has been provided to test the rollback daemon.
When called with no parameters it will cause a rollback, if called with the parameter '-b' it will force blacklisting of the running version so future updates shouldn't create the same potentially unstable system state.